summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity/bind/bind_9.10.3-P3.bb
Commit message (Collapse)AuthorAgeFilesLines
* bind: fix two CVEsZheng Ruoqin2016-11-081-0/+2
| | | | | | | | | | | | | | | | | | Add two CVE patches from upstream git: https://www.isc.org/git/ 1.CVE-2016-2775.patch 2.CVE-2016-2776.patch (From OE-Core rev: 5f4588d675e400f13bb6001df04790c867a95230) (From OE-Core rev: ecc0a8ba077305c51804fd7bc287758b43420a76) Signed-off-by: zhengruoqin <zhengrq.fnst@cn.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: CVE-2016-2088Jussi Kukkonen2016-04-181-0/+1
| | | | | | | | | | | | | | | | | Duplicate EDNS COOKIE options in a response could trigger an assertion failure: Fix with a backport. bind as built with the oe-core recipe is not at risk: Only servers which are built with DNS cookie support (--enable-sit) are vulnerable to denial of service. Fixes [YOCTO #9438] (From OE-Core rev: da38a9840b32e80464e2938395db5c9167729f7e) Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: CVE-2016-1285 CVE-2016-1286Sona Sarmadi2016-04-141-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes following vulnerabilities: CVE-2016-1285 bind: malformed packet sent to rndc can trigger assertion failure CVE-2016-1286 bind: malformed signature records for DNAME records can trigger assertion failure [YOCTO #9400] External References: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1285 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1286 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1285 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1286 References to the Upstream commits and Security Advisories: =========================================================== CVE-2016-1285: https://kb.isc.org/article/AA-01352 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=70037e040e587329cec82123e12b9f4f7c945f67 CVE-2016-1286_1: https://kb.isc.org/article/AA-01353 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=a3d327bf1ceaaeabb20223d8de85166e940b9f12 CVE-2016-1286_2: https://kb.isc.org/article/AA-01353 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=7602be276a73a6eb5431c5acd9718e68a55e8b61 (From OE-Core rev: 080d1a313e4982dd05846b375ebf936c46934d80) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: /var/cache/bindJoe Slater2016-03-251-3/+2
| | | | | | | | | | Change the ownership of /var/cache/bind to bind rather than root. (From OE-Core rev: 6c76c9e5bb4f4bf6adfac7ccece03d7dcdea7f3d) Signed-off-by: Joe Slater <jslater@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: update to 9.10.3-P3Derek Straka2016-01-261-0/+106
Addresses CVE-2015-8704 and CVE-2015-8705 CVE-2015-8704 Allows remote authenticated users to cause a denial of service via a malformed Address Prefix List record CVE-2015-8705: When debug loggin is enabled, allows remote attackers to cause a denial of service or have possibly unspecified impact via OPT data or ECS option [YOCTO 8966] References: https://kb.isc.org/article/AA-01346/0/BIND-9.10.3-P3-Release-Notes.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8704 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8705 (From OE-Core rev: 58d47cdf91076cf055046ce9ec5f3e2e21dae1c0) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-06-21 04:45:55 +0000